Stunnel & OpenSSL problems

[Pops]

I'm trying to get HFS to be more secure, but I'm having a hard time with it.  Stunnel seems to work fine, but I can't find a copy of OpenSSL that includes EVERYTHING.  If I download it from the sites shown in the wiki, I don't get the OpenSSL.exe.  If I try to get it from somewhere else, it won't work with the set of dll files I have. . .

Does anyone know where to get Stunnel, OpenSSL, and the 0.9.8d package from the same place?  I've been toying with this for over an hour and can't find a way around it.  Any help is appreciated.

Here's the dll's that register as nonexistent, incompatible or missing origin lines:  ssleay32, libeay32, libssl32.

I'm currently running Vista, but I had the exact same problem when I tried to do this on my XP computer before it died a few months back.

Pops

[ELEVENNNN]

Hey, you may have already tryed this, and I didnt try to regdll them but see if these work for you (attached).  You may just be missing an entire library though.

Entire listing: http://www.stunnel.org/download/stunnel/win32/

-Kurt (Two post because it was just over max KB size)

[ELEVENNNN]

And here is the second part.

Also I remember Stunnel being mentioned on a previous post on the HFS forum, thats what search is for 

-Kurt

[Unknown8063]

If I remember things correctly, STunnel is pretty easy to set up on Windows - it's OpenSSL that is a pain.  I would recommend either generated a pem directly from STunnel's site: http://www.stunnel.org/pem/ or (preferably) using a linux computer with OpenSSL installed to generate the pem and then transfer it over.  Once you have the certificate signed I don't think you need OpenSSL - just STunnel.  Please correct me if I'm wrong.

[Richard]

The easy way to enable SSL for the HFS File Server;

1. Download Psiphon, Stunnel and OpenSSL.

2. Launch Psiphon and tune your SSL certificate in settings.
 (SSL certificatie common name recommended to be your external IP or DNS)

3. When you're done you should move/copy cert.pem and
 key.pem into the Stunnel directory.

4 WIPE any COPIES of your private key. (key.pem)

5. In stunnel.conf;
cert = cert.pem
key = key.pem
...
debug = 7
output = stunnel.log
...
[https]
accept  = 443
connect = 127.0.0.1:22
TIMEOUTclose = 0

6. In HFS you point your server to listen to port 127.0.0.1 over port 22.
In accept connections from you choose the same loopback address 127.0.0.1.

Logging of remote connections will occur in Stunnel.log.


That would do the job I guess.

Good luck.

[Mars]

 What is Psiphon? no link ? no explain?

Psiphon seems to be a proxy system, in that case it is not interesting about is the popular security

[Richard]

@Mars

Psiphon will create a valid certificate and private key for you without using the command line.

Ounce you have those jou don't need to deploy Psiphon any further.


Links; psiphon.ca and en.wikipedia.org/wiki/Psiphon

[SilentPliz]

   
Filezilla server can also do that.
But it's always good to have an alternative solution.  

http://www.rejetto.com/forum/index.php?topic=6651.msg1040766#msg1040766

And even better, the program created by AvvA can install Stunnel and HFS, ready to use (creation of certificate included).

http://www.rejetto.com/forum/index.php?topic=7100.0

[sharf]

It installed..but when I try to connect to it...I get a certificate error with this:
The security certificate presented by this website was not issued by a trusted certificate authority.
The security certificate presented by this website has expired or is not yet valid.
The security certificate presented by this website was issued for a different website's address.

Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server.

....is it supposed to do that?

also upon launching, Malwarebyte's blocked it as a malicious file...I allowed it assuming it is ok...can someone clarify what happened for me?